Comprehensive security tool installer with interactive menus, pre-built profiles, and distro-specific support

Find a file

rpriven c4f40e79c8 Improve tool update output and version display Fixed two UX issues in tool update management: 1. Version Check Output: - Extract version numbers using regex (v1.2.3 pattern) - Show clean version instead of full banner output - Fallback to "installed" if version can't be parsed - Fixes noise from tool ASCII art banners 2. Update All Go Tools: - List all tools before confirmation prompt - Show which tools are installed vs will be skipped - Skip uninstalled tools during update loop - Report skipped count in final summary - Users can see exactly what will be updated Changes: - Added regex version extraction in check_tool_versions() - Added tool list display in update_all_go_tools() - Added skip logic for uninstalled tools - Updated summary to show: Updated \| Failed \| Skipped 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>		2025-11-01 00:11:49 -06:00
images	Add interactive tool selection with gum multi-select	2025-10-31 23:47:33 -06:00
.gitignore	Toolbelt v2.0 - Complete refactor with interactive menus and profiles	2025-10-31 23:17:41 -06:00
config.py	Toolbelt v2.0 - Complete refactor with interactive menus and profiles	2025-10-31 23:17:41 -06:00
installer.py	Toolbelt v2.0 - Complete refactor with interactive menus and profiles	2025-10-31 23:17:41 -06:00
PYTHON_STANDARDS.md	Add interactive tool selection with gum multi-select	2025-10-31 23:47:33 -06:00
README.md	Add tool update management with hybrid PDTM/go install approach	2025-11-01 00:03:32 -06:00
TODO.md	Add tool update management with hybrid PDTM/go install approach	2025-11-01 00:03:32 -06:00
toolbelt.py	Improve tool update output and version display	2025-11-01 00:11:49 -06:00
toolbelt.sh.old	Toolbelt v2.0 - Complete refactor with interactive menus and profiles	2025-10-31 23:17:41 -06:00
toolbelt_old.py	Toolbelt v2.0 - Complete refactor with interactive menus and profiles	2025-10-31 23:17:41 -06:00
utils.py	Fix gum multi-select TTY access issue	2025-10-31 23:50:12 -06:00

README.md

Djedi Toolbelt v2.0

Comprehensive security tool installer with interactive menus, pre-built profiles, and distro-specific support.

🚀 What's New in v2.0

✅ Interactive 3-Level Menu System - Browse categories, select tools, install profiles
✅ Pre-Built Profiles - Bug Bounty, CTF, Web App, Network, Full Pentest
✅ Distro Detection - Kali, Debian, Ubuntu support with appropriate tool sets
✅ No Root Requirement - Runs as user, uses sudo only when needed
✅ Comprehensive Logging - Dual output (console + file)
✅ Fresh Integration - Detects and recommends modern CLI tools
✅ Modular Architecture - Clean, maintainable Python code

📋 Quick Start

# Clone the repository
git clone https://github.com/rpriven/toolbelt.git
cd toolbelt

# Run toolbelt (no sudo needed!)
python3 toolbelt.py

Important: Do NOT run as root/sudo. The script will use sudo for specific commands that require it.

🎯 Features

Level 1 - Main Menu:

Quick Install Profiles
Browse & Select Categories
Install Prerequisites (fresh)
View Installed Tools
Check for Tool Updates

Level 2 - Categories:

📦 APT Tools - Package manager tools
🔷 Go Tools - Security tools written in Go
🔧 /opt Tools - Tools cloned to /opt
🐍 Python Tools - Tools via pip3
🐳 Docker Tools - Containerized tools
📜 Useful Scripts - PEAS, PowerView, etc.

Level 3 - Tool Selection:

Install all tools in category
Individual tool selection (gum multi-select)

Tool Update Management:

Check versions of installed tools
Update all ProjectDiscovery tools (pdtm)
Update all Go tools to @latest
Select individual tools to update (gum multi-select)

Pre-Built Profiles

Bug Bounty Hunter - Web app testing and reconnaissance

nmap, masscan, nikto, sqlmap, burpsuite
nuclei, httpx, subfinder, katana, amass
Sublist3r, wafw00f, XSStrike
wfuzz, arjun, scripts collection

CTF Player - Capture The Flag tools

nmap, burpsuite, sqlmap, wireshark
Python tools: wfuzz, scrapy, requests
Scripts collection

Web Application Testing - Web security focus

nmap, nikto, sqlmap, burpsuite
nuclei, httpx, katana
wafw00f, XSStrike, Striker
wfuzz, arjun, scrapy

Network Pentesting - Network recon and scanning

nmap, masscan, wireshark
naabu, amass, assetfinder, httprobe
RustScan (Docker)

Full Pentesting Arsenal - Everything (5GB+)

All APT tools
All Go tools
All /opt tools
All Python tools
All Docker tools
All scripts

🛠️ Tool Categories

APT Tools (via package manager)

Kali Linux: nmap, masscan, naabu, nuclei, burpsuite, feroxbuster, nikto, gobuster, seclists, sqlmap, git, docker.io, docker-compose, golang-go, wireshark

Debian/Ubuntu: nmap, masscan, nikto, sqlmap, git, docker.io, docker-compose, golang-go, wireshark, burpsuite

Go Tools (via go install)

naabu, nuclei, katana, httpx, subfinder, amass, assetfinder, httprobe, gowitness, subjack, hakrawler, webanalyze

All ProjectDiscovery tools included

/opt Tools (cloned to /opt)

pimpmykali (Kali only) - Golang + Impacket setup
xnLinkFinder - Link finder for bug bounty
Knockpy - Subdomain enumeration
Sublist3r - Subdomain discovery
Striker - Web application scanner
wafw00f - WAF detection
waymore - Web archive scraper
XSStrike - XSS detection suite

Python Tools (via pip3)

wfuzz, arjun, scrapy, tld, requests, fuzzywuzzy

Docker Tools

RustScan - Fast port scanner

Includes alias setup for shell

Useful Scripts (downloaded to ~/scripts)

linpeas.sh - Linux privilege escalation
jaws-enum.ps1 - Windows enumeration
LinEnum.sh - Linux enumeration
winPEASany_ofs.exe - Windows privilege escalation
php-reverse-shell.php - PHP reverse shell
linux-exploit-suggester.sh - Linux exploit suggester
PowerView.ps1 - PowerShell AD enumeration

🔧 Requirements

OS: Kali Linux, Debian, or Ubuntu
Python: 3.6+
Package Manager: apt
Privileges: sudo access (script runs as user, not root)
Optional: gum (for interactive multi-select) - go install github.com/charmbracelet/gum@latest

📖 Usage Examples

Install a Profile

python3 toolbelt.py
# Select: 1) Quick Install Profiles
# Choose: Bug Bounty Hunter

Browse Categories

python3 toolbelt.py
# Select: 2) Browse & Select Categories
# Choose category (e.g., Go Tools)
# Option 1: Install all tools
# Option 2: Select specific tools (interactive multi-select with gum)

Interactive Tool Selection (gum)

With gum installed, you get beautiful interactive multi-select:

python3 toolbelt.py
# Select: 2) Browse & Select Categories
# Choose: Go Tools
# Select: 2) Select Specific Tools
# Use SPACE to toggle, ENTER when done
# Confirm selection and install

Without gum: The script will prompt you to install it or fall back to "Install All" option.

Check Installed Tools

python3 toolbelt.py
# Select: 4) View Installed Tools

Update Tools

python3 toolbelt.py
# Select: 5) Check for Tool Updates

# Option 1: Check versions only (see what's outdated)
# Option 2: Update all ProjectDiscovery tools (pdtm -ua)
# Option 3: Update all Go tools to @latest
# Option 4: Select specific tools to update (gum multi-select)

Update strategies:

Fast PD Update: Option 2 uses pdtm for lightning-fast ProjectDiscovery tool updates
Comprehensive Update: Option 3 updates ALL Go tools (PD + non-PD)
Selective Update: Option 4 lets you cherry-pick which tools to update

🔗 Integration with Fresh

Toolbelt integrates with fresh for modern CLI productivity tools.

Recommended Setup:

Install fresh first - Modern CLI foundation (fzf, ripgrep, bat, etc.)
Install toolbelt - Security tools
Install tmux-recon (optional) - Pentesting automation

Fresh provides essential CLI tools that enhance the security workflow. Toolbelt will detect if fresh is installed and prompt you to install it if missing.

📂 Architecture

toolbelt/
├── toolbelt.py      # Main entry point with interactive menus
├── utils.py         # Distro detection, logging, helpers
├── config.py        # Tool definitions, profiles, categories
├── installer.py     # Installation logic for each category
├── toolbelt_old.py  # Original v1.0 (reference)
└── toolbelt.sh.old  # Legacy bash version (archived)

Modular Design:

utils.py - System checks, logging setup, helper functions
config.py - Tool lists, profile definitions, category metadata
installer.py - Installation functions for each tool category
toolbelt.py - Interactive menu system and main flow

🔐 Security Notes

No Root Execution: Script runs as regular user, uses sudo only for specific commands
Logging: All operations logged to ~/toolbelt-install.log
Smart Detection: Skips already-installed tools
Error Handling: Comprehensive error checking and reporting

🐛 Known Issues

Individual tool selection menu (Level 3) coming in next update
Custom profile saving/loading planned for future release

🤝 Contributing

Contributions welcome! Please feel free to submit pull requests or open issues for:

Additional tool suggestions
New profiles
Platform support improvements
Bug fixes

📝 Version History

v2.0.0 (2025-10-31)

Complete rewrite with interactive menu system
Pre-built profile support
Distro detection (Kali, Debian, Ubuntu)
Removed root requirement
Added comprehensive logging
Fresh integration
Modular architecture

v1.0 (2023)

Original automated installer
Bash and Python versions
Root required
No menu system

📜 License

This project is licensed under the MIT License - see the LICENSE file for details.

🙏 Acknowledgments

Built for the pentesting and bug bounty community
Integrates tools from ProjectDiscovery, OWASP, and many open source developers
Inspired by the need for quick, consistent tool setup across environments
Part of the Djedi security tooling ecosystem

Djedi Toolbelt - Because every pentester deserves a well-equipped toolbelt. 🔧